As a user the Facebook Connect experience is great. I see a familiar
blue button, I click it, and I'm done. No creating an account, no coming
up with a new username and password, no entering specific data. And it's
not just a login, many Facebook integrated sites give me a better
experience with access to my Facebook social
network. For site owners the advantage of Facebook connect is clear:
good user experience, less code to manage, and access to Facebook data.

The problem is that Facebook is creating a monopoly. That's a huge risk
to every other company on the Internet. It's bad for users too, we're
losing the ability to use pseudonyms online. And while Facebook's
technical execution is excellent the company has demonstrated over and
over again its willigness to act unethically towards their users. We don't
want them controlling user identity.

There is a terrific technical alternative to Facebook Connect: OpenID. The tech works
well and it's open, letting users and companies choose their identity
provider. But despite some four years' headstart it's never succeeded in
being adopted widely like Facebook Connect has. And while I like
competing login systems like Sign in with
Twitter, identity is too important on the Internet to let any
proprietary solution dominate. Our ecosystem needs a productive open
standard. I still think OpenID is sufficient, but I'm in a
dwindling minority.

I'm at my Reed College reunion, reconnecting with old friends. We're
all about 35 – 40. I've noticed there's a real difference in my
conversations depending on whether we're connected via Facebook
and Twitter or not. I post a lot online: folks who follow me
already know I live in San Francisco, that I'm a pilot, that I was in
Slovakia last year. It's a great place to start.

Before the Internet we had casual social information sharing. Christmas
letters, alumni class notes, outright gossip. But online social networks make
it way easier and more fulfilling, you can learn as little or as much
about someone as you want.

The best thing has been meeting someone I haven't talked to in fifteen
years, finding we have a lot in common, then making a point of finding
them online while standing there with them. So
we can stay in touch. Social media really works to keep a community
together.

Apparently it's news to almost every web developer out there, but in the
real world people's names have spaces in them. My name is "Nelson
Minar". It is not "Nelson_Minar" or "NelsonMinar" or "NelsonM" or
"Nelson397" or any of the other nonsense I have to use to work with some
website who's decided to constrain names to some 1980s software-friendly
character subset.

The hardest part of signing up for a new site these days is picking a
unique user name. It's annoying to have to remember different names. And
it's really obnoxious when my janked up UserName is also used as my
display name. The right way to do logins right now on the Web is
use email address as the login name and let the user choose their own
display name which does not need to be unique. That's not ideal (email
addresses can change) but it works pretty well. If you absolutely have
to not use email as the login name, please at least let my login name
have a space in it.

While I'm delivering the news, here's something for you
ignorant American backwoods motherfuckers. Some people's names have
"special characters" in them. Like François Rabelais or
Björk Guðmundsdóttir or
艾未未.
It's 2011; the only software that can't handle Unicode properly is Perl.
(As if you needed another reason not to use Perl.) Stop limiting your
code; there are only two languages that can even be written in ASCII.

A big motivation for my Wind History
map project was building a tech demo showing off dynamic
SVG
generation. I'm pretty proud of the implementation: it's 100% static
files, no active server code at all. The whole thing is two 3k HTML
pages, 20k of custom Javascript, and 24mb of JSON data. All the hard
work is done by
Mike Bostock's
brilliant Polymaps and D3 Javascript libraries.
Here's some details.

I'm most proud of the map
view, wind roses on top of a slippy map of OpenStreetMap tiles. I
originally loaded pre-generated images on top of the base map but
each PNG was some 2kb and that's a lot of HTTP requests. Each station
only needs 12 bytes of data, so I rewrote the site
to render the diagrams in
Javascript in the browser all driven by a single 200k JSON database.
It's a very cool technique and works great.

Naïvely drawing 2500 SVG diagrams on the map is slow and cluttered.
Mike came to my rescue and wrote a tiler for me so that I only render
SVG when the location is visible. I also replaced the wind roses with
simple circles when zoomed out too far. It'd be better to declutter by
only drawing the most important weather stations at high zoom levels; I
fear many people never realize they can zoom in on the map.

The station page
is equally important, a detailed wind diagram for every location. It's pretty
aggressively Javascripted, I have a single template HTML page that
gets filled with JSON
data. I really like this client-heavy
development style, it's very productive and scalable. The drawback
is my site is largely invisible to search engines. I'll probably go back
and pre-generate station HTML for all the pages just to cater to
Googlebot.

The station page is pretty simple: I had to cut a lot of planned
features to meet my deadline. I've got code in development for filtering
by month with animated
transitions to show winds shifting over a year. Also plans for fancier
histograms of wind speed, more airport data, etc. Lots to do here
still, will be fun.

I'm really excited by the ability to build complex visualizations
entirely in Javascript. Browsers are really capable software hosts now.
Between SVG, Canvas, and WebGL we have three beautiful rendering
options. It was particularly liberating to decide not to care about MSIE
before 9.0; what a terrible tax Microsoft has placed on developers.

One goal of the project is to help pilots understand typical winds at
their airports. It's also a neat demo of what modern web development
technology can do. I'm particularly proud that the wind rose diagrams in
the map are rendered entirely client side in SVG from a single 200k data
file. More tech details in a followup blog post.

Another Sony hack yielded a database of 1,000,000 plaintext passwords.
Why does Sony have plaintext passwords? Because they're idiots and
deserve to suffer a civil lawsuit. But
Sony's negligence is security researchers' gain: check out this
analysis
of the
password haul. The most astonishing result:

Two thirds of people with accounts at both Sony and Gawker reused their
passwords.

Passwords are a broken mechanism of authentication. They are weak,
dangerous, and
difficult for naïve users to use correctly. It's time to
end passwords.

The SF Chronicle has a
heartbreaking
story about how a married gay couple of 19 years may be split up by
US immigration.

Starting June 13, Makk, 48, faces possible deportation if he remains in
the country illegally when his current visa expires. If he leaves, he
would not be readmitted, the couple would be all but permanently
separated and Wells, who has severe health complications from AIDS,
would be left without his spouse and sole caregiver.

"We're at the end of our rope," said Wells, 55. "Ever since we met, all
we've tried to do is be together. The focal point of our lives,
everything we've done, is just so we could be together."

They are legally married (in Massachusetts) but thanks to
a federal
law passed and signed
by the Democrats their marriage has no status for immigration. The
Australian in the story isn't even a second class citizen: he's no kind
of citizen at all.

I'm fascinated by how
it works. I'm going to quote their "About" page in full, because I'm
guessing it won't be online much longer.

Silk Road is an anonymous marketplace where you can buy and
sell without revealing who you are. We protect your identity through
every step of the process, from connecting to this site, to purchasing
your items, to finally receiving them.

Connecting to the site: Silk Road uses the Tor network to
anonymize all traffic to and from the site so no one can find out who we
are or who you are from your internet traffic. All traffic is encrypted
and relayed through Tor nodes accross the globe, each one not knowing
the origin or destination of the traffic. To learn more about the Tor
network, visit torproject.org.

Purchasing your items:
The currency used to buy stuff on Silk Road is called Bitcoin. Bitcoin
uses encryption and a system of peer-to-peer double checking to create a
completely digital currency. No personal information is associated with
your bitcoins at all, making them ideal for anonymous transactions.
Additionally, Silk Road employs a built-in tumbler that mixes all
incoming bitcoins through a series of dummy transactions before they
ever leave. Click here for instructions on how to get Bitcoins, or visit
Bitcoin.org to learn more.

Delivery:
Absolutely none of your personal information is ever required here.
However, an address WILL be needed to accept delivery of any physical
goods. Even so, it is stored encrypted, and is deleted as soon as your
transaction is complete, so there is no record of it. And, because Silk
Road is a Tor Hidden Service, the address remains encrypted within the
Tor network when it is transfered.

For more details about improving your anonymity and making purchases,
please read our buyers guide.

Now type @ nelson in the Chrome address bar and voila! You go
to my Twitter account. Or type # twitter to see tweets with the
twitter hashtag. Note the space is necessary; not sure it's possible to
eliminate that.

The steps up above are awfully manual but work fine. There's probably a
way to automate this installation in Chrome; I know there's a discovery
protocol for websites to automatically add suggested searches.